Arbitrary DOS device name

Daniel Kucera wine at danman.eu
Tue Feb 15 03:19:21 CST 2022 

On 2022-02-15 09:09, Daniel Kucera wrote:
> On 2022-02-15 01:56, Zebediah Figura wrote:
>> On 2/14/22 03:49, Daniel Kucera wrote:
>>> On 2022-02-14 01:14, Daniel Kucera wrote:
>>>> On 2022-02-14 00:20, Daniel Kucera wrote:
>>>>> On 2022-02-01 22:39, Zebediah Figura wrote:
>>>>>> On 2/1/22 13:25, danman at danman.eu wrote:
>>>>>>> I checked with strace:
>>>>>>> 
>>>>>>> openat(AT_FDCWD,
>>>>>>> "/usr/lib/wine/../x86_64-linux-gnu/wine/dpinst64.exe.so", 
>>>>>>> O_RDONLY)
>>>>>>> = -1
>>>>>>> ENOENT (No such file or directory)
>>>>>>> write(2, "0009:err:module:__wine_process_i"...,
>>>>>>> 850009:err:module:__wine_process_init
>>>>>>> L"C:\\windows\\system32\\dpinst64.exe" not found
>>>>>>> ) = 85
>>>>>>> 
>>>>>>> copied the lib:
>>>>>>> sudo cp programs/dpinst64/dpinst64.exe.so
>>>>>>> /usr/lib/x86_64-linux-gnu/wine/
>>>>>>> 
>>>>>>> now I am getting:
>>>>>>> 
>>>>>>> $ wine64 ~/.wine/drive_c/windows/system32/dpinst64.exe
>>>>>>> 002b:err:module:__wine_process_init
>>>>>>> L"C:\\windows\\system32\\dpinst64.exe" not supported on this 
>>>>>>> system
>>>>>>> 
>>>>>>> The same with setup.exe:
>>>>>>> 
>>>>>>> $ WINEDLLOVERRIDES=dpinst64.exe=b,n WINEDEBUG=dpinst+trace wine64
>>>>>>> Setup.EXE
>>>>>>> 0032:fixme:shell:SHChangeNotify ignoring unsupported flags: 2001
>>>>>>> 0040:err:module:__wine_process_init L"C:\\Program Files
>>>>>>> (x86)\\Hantek6000\\Bin\\dpinst64.exe" not supported on this 
>>>>>>> system
>>>>>>> 0042:err:module:__wine_process_init L"C:\\Program Files
>>>>>>> (x86)\\Hantek6000\\Bin\\dpinst64.exe" not supported on this 
>>>>>>> system
>>>>>>> 
>>>>>> 
>>>>>> If you're building with MinGW, you want to copy it as 
>>>>>> "dpinst64.exe",
>>>>>> not "dpinst64.exe.so".
>>>>>> 
>>>>>> Probably easier is just to run the wine binary from the build tree
>>>>>> instead, e.g. "path/to/build/tree/wine64 Setup.EXE". That doesn't
>>>>>> require installing anything at all.
>>>>> 
>>>>> It took me a while to understand what's wrong there - the setup.exe 
>>>>> is
>>>>> 32bit binary and I didn't run with wine64 so I have to recompile 
>>>>> 32bit
>>>>> wine.
>>>>> Now, when I am installing the software, I get following error:
>>>>> 
>>>>> 0118:fixme:imm:ImeSetActiveContext (0x257560, 0): stub
>>>>> 0118:fixme:imm:ImmReleaseContext (00020060, 00257560): stub
>>>>> 0108:fixme:imm:ImeSetActiveContext (0x245220, 1): stub
>>>>> 0108:fixme:imm:ImmReleaseContext (00020090, 00245220): stub
>>>>> 0138:err:module:import_dll Library USBD.SYS (which is needed by
>>>>> L"C:\\Program 
>>>>> Files\\Hantek6000\\Driver\\Win10\\Hantek6000BX86.sys")
>>>>> not found
>>>>> 0150:err:module:import_dll Library USBD.SYS (which is needed by
>>>>> L"C:\\Program 
>>>>> Files\\Hantek6000\\Driver\\Others\\Hantek6000BX86.sys")
>>>>> not found
>>>>> 0108:fixme:shell:SHChangeNotify ignoring unsupported flags: 2001
>>>>> 
>>>>> Is there something to do to "activate" usbd.sys support? Is it
>>>>> implemented at all?
>>>>> 
>>>>> Thank you for everything.
>>>>> 
>>>>> Daniel.
>>>> 
>>>> I've found out it is searching for usbd.sys in following paths:
>>>> 0120:trace:module:load_dll looking for L"USBD.SYS" in
>>>> L"C:\\users\\danman\\Temp;C:\\windows\\system32;C:\\windows\\system;C:\\windows;.;C:\\windows\\system32;C:\\windows;C:\\windows\\system32\\wbem;C:\\windows\\system32\\WindowsPowershell\\v1.0"
>>>> 0120:err:module:import_dll Library USBD.SYS (which is needed by
>>>> L"C:\\Program Files\\Hantek6000\\Driver\\Others\\HANT~1W0.SYS") not
>>>> found
>>>> 
>>>> but it was in system32/drivers so I copied it to system32. Now I am
>>>> getting ntdll error:
>>>> 
>>>> $ WINEDEBUG=trace+dpinst wine Setup.EXE
>>>> 0044:fixme:imm:ImeSetActiveContext (0x257540, 0): stub
>>>> 0044:fixme:imm:ImmReleaseContext (00010020, 00257540): stub
>>>> 0024:fixme:imm:ImeSetActiveContext (0x245240, 1): stub
>>>> 0024:fixme:imm:ImmReleaseContext (0001005A, 00245240): stub
>>>> 0024:fixme:shell:SHChangeNotify ignoring unsupported flags: 2001
>>>> 0158:err:ntdll:NtQueryInformationToken Unhandled token information
>>>> class 26
>>>> 0150:fixme:imm:ImeSetActiveContext (0x245380, 1): stub
>>>> 0150:fixme:imm:ImmReleaseContext (000D00C6, 00245380): stub
>>> 
>>> I have patched my ntdll to respond to class 26 like this:
>>> 
>>> diff --git a/dlls/ntdll/unix/security.c b/dlls/ntdll/unix/security.c
>>> index 8e3afd07..5fcd2fba 100644
>>> --- a/dlls/ntdll/unix/security.c
>>> +++ b/dlls/ntdll/unix/security.c
>>> @@ -503,6 +503,10 @@ NTSTATUS WINAPI NtQueryInformationToken( HANDLE
>>> token, TOKEN_INFORMATION_CLASS c
>>>            SERVER_END_REQ;
>>>            break;
>>> 
>>> +    case TokenUIAccess:
>>> +        status = STATUS_SUCCESS;
>>> +       break;
>>> +
>>>        default:
>>>            ERR( "Unhandled token information class %u\n", class );
>>>            return STATUS_NOT_IMPLEMENTED;
>>> 
>>> Now I see something new - there is a driver install wizard showing
>>> failed installation of the driver so there is probably something 
>>> wrong
>>> with the installation, see this video:
>>> https://www.youtube.com/watch?v=Ko9gg6wVsX8
>>> 
>>> I can also see there is dpinst process while the wizard is on:
>>> danman    498279 10.8  0.7 1938044 30568 ?       Ss   09:29   0:01
>>> C:\Program Files (x86)\Hantek6000\Bin\dpinst64.exe /F /EL /PATH
>>> C:\Program Files (x86)\Hantek6000\Driver\Win10
>> 
>> That's native dpinst, which is exactly what my builtin implementation
>> is supposed to replace.
>> 
>> That said, if you're getting FIXMEs from usbd.sys, that should mean
>> that the driver has already been installed and even enumerated, so I
>> suppose you must have used builtin dpinst at some point. So now all
>> that remains is to run the program and see if it manages to find its
>> custom character device.
> 
> I run the software after each change and it still cannot find the 
> device.
> 
> But the driver seems to be installed:
> 
> danman at danman-VirtualBox:~/.wine/drive_c/Program Files
> (x86)/Hantek6000$ find ~/.wine/drive_c/windows/ | grep -i hant
> /home/danman/.wine/drive_c/windows/inf/Hantek6000B.inf
> /home/danman/.wine/drive_c/windows/inf/Hantek6000B.pnf
> /home/danman/.wine/drive_c/windows/system32/driverstore/filerepository/Hantek6000B.inf_8fc6bacdccaea0f2e123badfd166626c32bc0969
> /home/danman/.wine/drive_c/windows/system32/driverstore/filerepository/Hantek6000B.inf_8fc6bacdccaea0f2e123badfd166626c32bc0969/Hantek6000B.inf
> /home/danman/.wine/drive_c/windows/system32/driverstore/filerepository/Hantek6000B.inf_8fc6bacdccaea0f2e123badfd166626c32bc0969/Hantek6000B.cat
> /home/danman/.wine/drive_c/windows/system32/driverstore/filerepository/Hantek6000B.inf_8fc6bacdccaea0f2e123badfd166626c32bc0969/Hantek6000BAMD64.SYS
> /home/danman/.wine/drive_c/windows/system32/catroot/{f750e6c3-38ee-11d1-85e5-00c04fc295ee}/Hantek6000B.cat

The inf file contains a definition of a service:

[DSO6CDE.AddServiceAmd64]
DisplayName = %SvcDesc%
ServiceType = 1
StartType = 3
ErrorControl = 1
ServiceBinary = %10%\System32\Drivers\Hantek6000BAMD64.SYS

When I check my Windows installation, the service is present in registry 
(see attached export).
But it is not present in Wine. So I tried to load the export.
The service still hasn't been started on wine start so I changed Start 
DWORD from 3 to 2

Now I see the service failing start:

003c:trace:service:process_send_start_message 0000000000158F60 
L"DSO6CDE" 0000000000000000 0
00d4:trace:service:service_handle_control L"winedevice" control 
2147483648 data 00000000001487D2 data_size 16
00d4:trace:service:OpenSCManagerW (null) (null) 0x1
00a0:trace:service:svcctl_OpenSCManagerW ((null), (null), 1)
00d4:trace:service:OpenServiceW 0000000000148D40 L"DSO6CDE" 0x8001
00a0:trace:service:svcctl_OpenServiceW (L"DSO6CDE", 0x8001)
00d4:trace:service:CloseServiceHandle 0000000000148D40
00a0:trace:service:svcctl_CloseServiceHandle (&000000000015AC80)
00d4:trace:service:QueryServiceConfigW 0000000000148F60 0000000000000000 
0 0000000000A1FA50
00a0:trace:service:svcctl_QueryServiceConfigW (0000000000FCF978)
00d4:trace:service:QueryServiceConfigW 0000000000148F60 000000000014A1E0 
284 0000000000A1FA50
00a0:trace:service:svcctl_QueryServiceConfigW (0000000000FCF978)
00d4:trace:service:QueryServiceConfigW Image path           = 
L"\\SystemRoot\\System32\\Drivers\\Hantek6000BAMD64.SYS"
00d4:trace:service:QueryServiceConfigW Group                = L""
00d4:trace:service:QueryServiceConfigW Dependencies         = L""
00d4:trace:service:QueryServiceConfigW Service account name = 
L"LocalSystem"
00d4:trace:service:QueryServiceConfigW Display name         = 
L"@oem9.inf,%SvcDesc%;Hantek6000B Scope Service"
00d4:trace:service:SetServiceStatus 0000000000148F60 0x30 0x2 0 0 0 0 
0x2710
00a0:trace:service:svcctl_SetServiceStatus (000000000015ADD0, 
0000000000159F04)
00d4:err:ntoskrnl:ZwLoadDriver failed to create driver 
L"\\Registry\\Machine\\System\\CurrentControlSet\\Services\\DSO6CDE": 
c0000142
00d4:trace:service:SetServiceStatus 0000000000148F60 0x30 0x1 0 0 0 0 0
00a0:trace:service:svcctl_SetServiceStatus (000000000015ADD0, 
0000000000159EA4)
00d4:trace:service:CloseServiceHandle 0000000000148F60
00dc:trace:service:svcctl_CloseServiceHandle (&000000000015ADD0)
003c:trace:service:service_start returning 1114
003c:fixme:service:scmdatabase_autostart_services Auto-start service 
L"DSO6CDE" failed to start: 1114



And the program still cannot find the device.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: dso6cde.reg
Type: text/x-ms-regedit
Size: 1330 bytes
Desc: not available
URL: <http://www.winehq.org/pipermail/wine-devel/attachments/20220215/7feb39f5/attachment.bin>

More information about the wine-devel mailing list